Re: Changes to Debian Maintainer upload permissions
On 23/09/2012 17:49, Joachim Breitner wrote: we need to upload all450 packages with no source change That's called a binNMU and is very simple to schedule, as you already know ;) In the OCaml team, we have the very same issue and we try to avoid arch:all packages for libraries and applications because it makes transitions harder for no good reason. Regards, -- Mehdi Dogguy مهدي الدڤي -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/50643f8e.7090...@dogguy.org
Re: Changes to Debian Maintainer upload permissions
On 23/09/2012 17:49, Joachim Breitner wrote: Hi, Am Sonntag, den 23.09.2012, 15:59 +0200 schrieb Joerg Jaspert: The DM flag (and in future ACL) shows that one trusts that one DM to do a good job on that one package. Extending it like this DM may upload all packages of [whateverbiglist] is just wrong. (Of course this is just convenience and can already be achieved by a small script that generates the list of packages.) Yeah, but please don't. Sillyness like all of our team packages are always for all DMs of us is really working against the system, IMO. If you want people to have upload rights for such large sets, make them DD. DM is for people interested in small(er) style maintenance. I wouldn’t say it is plain wrong; there are certainly exceptions. All (library )packages by the DHG have identical packaging issues – if someone is able to do a good job on one of them, he is able to do a good job of all of them. Also, the real time-consuming work for us is when we need to upload all450 packages with no source change, or a trivial one. I am certainly looking forward to distribute the load not only on the DDs but also on the DMs. FWIW, I also think it is the wrong approach for the following reason: The DM status (as I understand it) wasn't created to easily give people upload rights. It is used to give upload rights for people that don't want to become DD (for some reason) but yet want to contribute/maintain a small set of packages ; or for people waiting to become DD. If some person has a need to upload 450 packages, then that person should become DD. Your idea simply abuses the DM status. My 2 cents, -- Mehdi Dogguy مهدي الدڤي -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5064410e.2010...@dogguy.org
Re: Changes to Debian Maintainer upload permissions
Le lundi 24 septembre 2012 23:53:01, Kurt Roeckx a écrit : On Mon, Sep 24, 2012 at 07:33:03PM +0200, Joachim Breitner wrote: package X would depend on the maintainer field of the packages *already* in Debian, not the one in the package he uploads. Just the way it is at One way to read your bonus points would allow the DM to upload a new package with the maintainer set to pkg-haskell-maintainers. That can also be interpreted as allowing the DM to upload/NMU any package as long as he sets the maintainer field to pkg-haskell-maintainers. Hence it's not what was proposed. But I can also read it as a DD first needs to upload the package with the maintainer field set to pkg-haskell-maintainers, and from then on any DM in that group can upload that package. AFAIUI, that's the proposed change. Kurt Thomas signature.asc Description: This is a digitally signed message part.
Re: Changes to Debian Maintainer upload permissions
On Sun, Sep 23, 2012 at 07:13:08PM +0200, Joachim Breitner wrote: (BTW, source only uploads anyone? Then I can easily do the uploads on my own and need neither the DDs nor the DMs in my team to do what computers can do better.) If it's happening often enough, you may want to think about creating your own autobuilding environment to which you can then do source-only uploads. Signing those builds (using gpg-agent or similar) should then be fairly easy, no? -- The volume of a pizza of thickness a and radius z can be described by the following formula: pi zz a -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120924111745.gr17...@grep.be
Re: Changes to Debian Maintainer upload permissions
[Joachim Breitner] Would it be possible to extend the syntax to specify lists of packages not by name, but by Maintainer, e.g. pkg-haskell-maintainers@l.a.d.o? Bonus points if such an assigment is expanded at dinstall time, so that the statement “DM 1234 may upload all packages owned by this group” stays up-to-date even if after new packages of this team have been added? So ... you want to give a DM the ability to NMU any package in the archive, just by changing the Maintainer field? While I'm sure such shenanigans would be caught quickly enough and the DM LARTed, it still doesn't seem like a good idea to me. Peter -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120924165905.ga4...@p12n.org
Re: Changes to Debian Maintainer upload permissions
Hi, Am Montag, den 24.09.2012, 11:59 -0500 schrieb Peter Samuelson: [Joachim Breitner] Would it be possible to extend the syntax to specify lists of packages not by name, but by Maintainer, e.g. pkg-haskell-maintainers@l.a.d.o? Bonus points if such an assigment is expanded at dinstall time, so that the statement “DM 1234 may upload all packages owned by this group” stays up-to-date even if after new packages of this team have been added? So ... you want to give a DM the ability to NMU any package in the archive, just by changing the Maintainer field? Obviously the question whether a DM, who is allowed to upload packages on behalf of pkg-haskell-maintainers@l.a.d.o, is allowed to upload package X would depend on the maintainer field of the packages already in Debian, not the one in the package he uploads. Just the way it is at the moment with DMUA: A DM cannot just NMU an arbitrary package just by setting the flag in the new package. But thanks for asking, just in case this was not clear to others. Greetings, Joachim -- Joachim nomeata Breitner Debian Developer nome...@debian.org | ICQ# 74513189 | GPG-Keyid: 4743206C JID: nome...@joachim-breitner.de | http://people.debian.org/~nomeata signature.asc Description: This is a digitally signed message part
Re: Changes to Debian Maintainer upload permissions
On Mon, Sep 24, 2012 at 07:33:03PM +0200, Joachim Breitner wrote: Hi, Am Montag, den 24.09.2012, 11:59 -0500 schrieb Peter Samuelson: [Joachim Breitner] Would it be possible to extend the syntax to specify lists of packages not by name, but by Maintainer, e.g. pkg-haskell-maintainers@l.a.d.o? Bonus points if such an assigment is expanded at dinstall time, so that the statement DM 1234 may upload all packages owned by this group stays up-to-date even if after new packages of this team have been added? So ... you want to give a DM the ability to NMU any package in the archive, just by changing the Maintainer field? Obviously the question whether a DM, who is allowed to upload packages on behalf of pkg-haskell-maintainers@l.a.d.o, is allowed to upload package X would depend on the maintainer field of the packages already in Debian, not the one in the package he uploads. Just the way it is at the moment with DMUA: A DM cannot just NMU an arbitrary package just by setting the flag in the new package. One way to read your bonus points would allow the DM to upload a new package with the maintainer set to pkg-haskell-maintainers. That can also be interpreted as allowing the DM to upload/NMU any package as long as he sets the maintainer field to pkg-haskell-maintainers. But I can also read it as a DD first needs to upload the package with the maintainer field set to pkg-haskell-maintainers, and from then on any DM in that group can upload that package. Kurt -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120924215301.ga1...@roeckx.be
Re: Changes to Debian Maintainer upload permissions
Quoting Gergely Nagy (alger...@madhouse-project.org): Yep, that is one of the solutions I mentioned earlier. Therefore, if a DM does care, migrating to the new system is by all means possible, and they have very little to do, they will not be punished for another person's absence or mistake. I agree with that point of view. However, it would then be good to point people whose uploads are rejected this way to a place where they would have a good chance to get help restoring the situation (not sure which place is best suited for that). signature.asc Description: Digital signature
Re: Changes to Debian Maintainer upload permissions
Hi! On Sat, 2012-09-22 at 10:06:35 +0200, Ansgar Burchardt wrote: This new interface replaces the old DMUA field. The old field will stop working on the 24th of November 2012, from then on only packages explicitly granted upload permission to their DMs using the interface described here will pass the DM check. Cool! I've now locally queued a patch removing support for the field from dpkg, which will be included in the first 1.17.x version uploaded (to experimental) after the date the field stops being honoured on the archive side. thanks, guillem -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120923071432.ga18...@gaara.hadrons.org
Re: Changes to Debian Maintainer upload permissions
On 12978 March 1977, Joachim Breitner wrote: Would it be possible to extend the syntax to specify lists of packages not by name, but by Maintainer, e.g. pkg-haskell-maintainers@l.a.d.o? Not with the current setup. We have a m:n relation between DMs and source packages. It's an interesting idea though, but then also not really what DM is about. The DM flag (and in future ACL) shows that one trusts that one DM to do a good job on that one package. Extending it like this DM may upload all packages of [whateverbiglist] is just wrong. (Of course this is just convenience and can already be achieved by a small script that generates the list of packages.) Yeah, but please don't. Sillyness like all of our team packages are always for all DMs of us is really working against the system, IMO. If you want people to have upload rights for such large sets, make them DD. DM is for people interested in small(er) style maintenance. -- bye, Joerg _DeadBull_ ohne speicher, tastatur, mouse, pladde, monitor, also nur die Hardware... -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87vcf4u9f8@gkar.ganneff.de
Re: Changes to Debian Maintainer upload permissions
Hi, Am Sonntag, den 23.09.2012, 15:59 +0200 schrieb Joerg Jaspert: The DM flag (and in future ACL) shows that one trusts that one DM to do a good job on that one package. Extending it like this DM may upload all packages of [whateverbiglist] is just wrong. (Of course this is just convenience and can already be achieved by a small script that generates the list of packages.) Yeah, but please don't. Sillyness like all of our team packages are always for all DMs of us is really working against the system, IMO. If you want people to have upload rights for such large sets, make them DD. DM is for people interested in small(er) style maintenance. I wouldn’t say it is plain wrong; there are certainly exceptions. All (library )packages by the DHG have identical packaging issues – if someone is able to do a good job on one of them, he is able to do a good job of all of them. Also, the real time-consuming work for us is when we need to upload all 450 packages with no source change, or a trivial one. I am certainly looking forward to distribute the load not only on the DDs but also on the DMs. Greetings, Joachim -- Joachim nomeata Breitner Debian Developer nome...@debian.org | ICQ# 74513189 | GPG-Keyid: 4743206C JID: nome...@joachim-breitner.de | http://people.debian.org/~nomeata signature.asc Description: This is a digitally signed message part
Re: Changes to Debian Maintainer upload permissions
On 09/23/2012 11:49 PM, Joachim Breitner wrote: Also, the real time-consuming work for us is when we need to upload all450 packages with no source change, or a trivial one. Someone assigned with such task as modifying (even trivially) and uploading 450 packages should definitively be(come) a DD. Thomas -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/505f384b.90...@debian.org
Re: Changes to Debian Maintainer upload permissions
Hi, Am Montag, den 24.09.2012, 00:26 +0800 schrieb Thomas Goirand: On 09/23/2012 11:49 PM, Joachim Breitner wrote: Also, the real time-consuming work for us is when we need to upload all450 packages with no source change, or a trivial one. Someone assigned with such task as modifying (even trivially) and uploading 450 packages should definitively be(come) a DD. I am not sure. Especially if the modifying is actually done before, in the repo, reviewed by the team, maybe semi-automated across the packages and all they are doing then is to manually build the packages in the right order and upload them – I don’t see why a DM should be less entitled to do so, or why we would want to have only DDs spend their time on this tedious task. (BTW, source only uploads anyone? Then I can easily do the uploads on my own and need neither the DDs nor the DMs in my team to do what computers can do better.) That said, I am of course happy about every DHG-member that becomes a DD. Greetings, Joachim -- Joachim nomeata Breitner Debian Developer nome...@debian.org | ICQ# 74513189 | GPG-Keyid: 4743206C JID: nome...@joachim-breitner.de | http://people.debian.org/~nomeata signature.asc Description: This is a digitally signed message part
Re: Changes to Debian Maintainer upload permissions
Hi, On 22.09.2012 10:06, Ansgar Burchardt wrote: We are using this opportunity to clean up the DM database and will not convert any of the DMUA flags to the new format, but two months ought to be enough for any active DM to ensure their sponsor DDs have set the new permission. please don't. This is not only to work out active DMs, but also a denial of service attack against active DMs where their former sponsor is unavailable or disappeared since then. It's not necessarily the DMs fault, if he fails to get _someone else_ to send a be-alive message within two months. -- with kind regards, Arno Töll IRC: daemonkeeper on Freenode/OFTC GnuPG Key-ID: 0x9D80F36D signature.asc Description: OpenPGP digital signature
Re: Changes to Debian Maintainer upload permissions
Arno Töll a...@debian.org writes: On 22.09.2012 10:06, Ansgar Burchardt wrote: We are using this opportunity to clean up the DM database and will not convert any of the DMUA flags to the new format, but two months ought to be enough for any active DM to ensure their sponsor DDs have set the new permission. please don't. This is not only to work out active DMs, but also a denial of service attack against active DMs where their former sponsor is unavailable or disappeared since then. It's not necessarily the DMs fault, if he fails to get _someone else_ to send a be-alive message within two months. I am sure that on the rare occassion where the DM faces this kind of trouble, we will be able to find a suitable solution. I don't think anyone wants to punish DMs, quite the contrary. I do not think there is any need to worry, no active DM will be left behind. So if any DM is having an issue along these lines, yell, and I am sure some solution will be found. (I can think of at least three solutions, and only one requires more work from the DM, but results in that M turning into a D, which can also be beneficial in the long run!) -- |8] -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87zk4i5o0j@luthien.mhp
Re: Changes to Debian Maintainer upload permissions
On Sat, Sep 22, 2012 at 11:56:54AM +0200, Arno Tröll wrote: Hi, On 22.09.2012 10:06, Ansgar Burchardt wrote: We are using this opportunity to clean up the DM database and will not convert any of the DMUA flags to the new format, but two months ought to be enough for any active DM to ensure their sponsor DDs have set the new permission. please don't. This is not only to work out active DMs, but also a denial of service attack against active DMs where their former sponsor is unavailable or disappeared since then. It's not necessarily the DMs fault, if he fails to get _someone else_ to send a be-alive message within two months. OK, here's how I see this. If any DM asks me to, and they can show they've made uploads (with DMUA) before this announcement for that package, and that they've not broken things in a gnarly gnarly way (and if their sponsor is VAC, MIA or otherwise not here), I don't think I'd have any problem flipping the bit back over. Yes, even if I'd not have given them DMUA on my own. In the end, being a DM comes down to *trust*. They could (quite easily) break into a buildd / slave it out for evil. Why should we assume the worst? Let's just lax the rules slightly if they had DMUA and used it for requests for the next month or two. We trust they are who they say they are, and if they show they've made good decisions when uploading in the past, why not. It's easy to revoke the commit bit. My two cents :) -- .''`. Paul Tagliamonte paul...@debian.org : :' : Proud Debian Developer `. `'` 4096R / 8F04 9AD8 2C92 066C 7352 D28A 7B58 5B30 807C 2A87 `- http://people.debian.org/~paultag signature.asc Description: Digital signature
Re: Changes to Debian Maintainer upload permissions
Paul Tagliamonte paul...@debian.org writes: If any DM asks me to, and they can show they've made uploads (with DMUA) before this announcement for that package, and that they've not broken things in a gnarly gnarly way (and if their sponsor is VAC, MIA or otherwise not here), I don't think I'd have any problem flipping the bit back over. Yes, even if I'd not have given them DMUA on my own. Yep, that is one of the solutions I mentioned earlier. Therefore, if a DM does care, migrating to the new system is by all means possible, and they have very little to do, they will not be punished for another person's absence or mistake. -- |8] -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87vcf65fvu@luthien.mhp
Re: Changes to Debian Maintainer upload permissions
Hi, Am Samstag, den 22.09.2012, 10:06 +0200 schrieb Ansgar Burchardt: During the FTPMaster meeting last week we have implemented the new interface for managing DM permissions[1]. very cool stuff, this makes DMs much more useful in teams with a large amount of packages, thanks a lot! Would it be possible to extend the syntax to specify lists of packages not by name, but by Maintainer, e.g. pkg-haskell-maintainers@l.a.d.o? Bonus points if such an assigment is expanded at dinstall time, so that the statement “DM 1234 may upload all packages owned by this group” stays up-to-date even if after new packages of this team have been added? (Of course this is just convenience and can already be achieved by a small script that generates the list of packages.) Greetings, Joachim -- Joachim nomeata Breitner Debian Developer nome...@debian.org | ICQ# 74513189 | GPG-Keyid: 4743206C JID: nome...@joachim-breitner.de | http://people.debian.org/~nomeata signature.asc Description: This is a digitally signed message part